mod_autoindex is installed and enabled, files and directories will be listed whenever you're browsing a directory and no
DirectoryIndex files (normally configured as
welcome.html) are present in that directory.
It's a very useful feature but for security reasons you might disable directory browsing.
Disable directory listing in Apache:
The easiest way is probably to disable the autoindex module entirely. This would affect all the sites hosted on the server, which could be both good and bad.
The module is called
autoindex, and can be disabled by the
a2dismod command, as in the following example.
$ sudo a2dismod autoindex
The option could be applied per-directory, via the
Option directive as the following.
<Directory /var/www/mysite> Options -Indexes </Directory>
Notice that it's
-Indexes and not
This could be set in your
Apache's configuration file.
The above method would also work by adding a
.htaccess file with the following content that you want directory listing to be disabled.
Restart Apache for the changes to take effect
|Ubuntu 16.04 LTS (Xenial Xerus)|
|Ubuntu 16.10 (Yakkety Yak)|
|Ubuntu 17.04 (Zesty Zapus)|
|Ubuntu 17.10 (Artful Aardvark)|
|Ubuntu 18.04 LTS (Bionic Beaver)|
|Ubuntu 18.10 (Cosmic Cuttlefish)|
|Ubuntu 19.04 (Disco Dingo)|
Share your thoughts, suggest corrections or just say Hi. Login not required.